The accreditors of this session require that you periodically check in to verify that you are still attentive.
Please click the button below to indicate that you are.
People make mistakes. We can train them, we can write policies and procedures, we can run phishing tests, … and we still won’t have wiped out all the person-induced cyber risk from our organisations, because eventually someone will do something they shouldn’t.
So how should we act when this happens? Accept that we can’t stop all attacks all the time, and brush it off as “one of those things”? Go zero-tolerance on cyber error and call it gross misconduct by default? Can we, for that matter, even have a set policy on how we deal with someone doing something wrong?
Learning Objective:
To show, by way of real-world examples, the benefits of working with users who make mistakes rather than using policies as blunt instruments and punishing by default.
Speaker(s):
Dave
Cartwright,
CISSP,
Head of Technology Operations & Risk / Chief Information Security Officer,
Santander International
You must be logged in and own this session in order to
post comments.